has documented what it says is the first ransomware operation carried out from start to finish by an autonomous artificial ...
JadePuffer exploited a vulnerable Langflow server, harvested credentials, moved laterally, and encrypted more than 1,300 ...
Attackers exploited Langflow vulnerability CVE-2025-3248 to conduct an agentic AI-powered ransomware attack involving reconnaissance, credential theft, and lateral movement.
Sysdig says JADEPUFFER used CVE-2025-3248 in Langflow to automate intrusion, credential theft, encryption, and data wipe.
Sysdig's JadePuffer case is billed as the first ransomware attack planned and executed end to end by an AI agent, with no human directing it.
Researchers from security firm Trend Micro warn that a critical remote code execution vulnerability patched in April in the Langflow AI agent framework is being exploited to deploy botnet malware. The ...
Attackers are actively exploiting path traversal and SQL injection in Langflow, LangGraph, and LangChain — below where your ...
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has tagged a Langflow remote code execution vulnerability as actively exploited, urging organizations to apply security updates and ...
The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical vulnerability identified as CVE-2026-33017, which affects the Langflow framework ...
A critical vulnerability in Langflow, an open source framework for AI agent development, has been exploited in the wild shortly after its initial disclosure. The Cybersecurity and Infrastructure ...
A critical flaw found in the open source Langflow platform was added to the US Cybersecurity and Infrastructure Security Agency’s (CISA's) Known Exploited Vulnerabilities (KEV) catalog. Langflow is a ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results